CWE-269 vulnerabilities
1782 results

CVE-2025-61152 | MEDIUM | python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any cryptographic signature verification. A mali | EPSS 0.3%
CVE-2025-13559 | CRITICAL | EduKart Pro <= 1.0.3 - Unauthenticated Privilege Escalation | EPSS 0.3%
CVE-2023-23430 | LOW | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service except | EPSS 0.3%
CVE-2025-13538 | CRITICAL | FindAll Listing <= 1.0.5 - Unauthenticated Privilege Escalation | EPSS 0.3%
CVE-2023-23428 | LOW | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service except | EPSS 0.3%
CVE-2023-25144 | HIGH | An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and crea | EPSS 0.3%
CVE-2024-6325 | MEDIUM | Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services | EPSS 0.3%
CVE-2025-28237 | HIGH | An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers to escalate privileges via a crafted JSON | EPSS 0.3%
CVE-2026-1010 | HIGH | Stored Cross-Site Scripting in Altium Enterprise Server Workflow Engine Allows Privilege Escalation | EPSS 0.3%
CVE-2026-23896 | HIGH | immich API Key Privilege Escalation vulnerability | EPSS 0.3%
CVE-2026-23990 | MEDIUM | Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims | EPSS 0.3%
CVE-2025-8218 | HIGH | Real Spaces - WordPress Properties Directory Theme <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member' | EPSS 0.3%
CVE-2025-64489 | HIGH | SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass | EPSS 0.3%
CVE-2026-28976 | HIGH | An information leakage was addressed with additional validation. This issue is fixed in macOS Tahoe 26.5. An app may be able to gain root pr | EPSS 0.3%
CVE-2026-46916 | HIGH | Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Management Spec | EPSS 0.3%
CVE-2026-46893 | CRITICAL | Vulnerability in the JD Edwards EnterpriseOne General Ledger product of Oracle JD Edwards (component: E1 Foundation). The supported versio | EPSS 0.3%
CVE-2026-46972 | HIGH | Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations). Sup | EPSS 0.3%
CVE-2026-46928 | HIGH | Vulnerability in the Oracle Spares Management product of Oracle E-Business Suite (component: Internal Operations). Supported versions that | EPSS 0.3%
CVE-2025-13764 | CRITICAL | WP CarDealer <= 1.2.16 - Unauthenticated Privilege Escalation | EPSS 0.3%
CVE-2026-1566 | HIGH | LatePoint <= 5.2.7 - Authenticated (Agent+) Privilege Escalation | EPSS 0.3%